The Maze ransomware actors have recently posted 10 screenshots of their attack on Xerox Corporation. A private security firm analyzed the screenshots and found that they show compromised server files and data that were encrypted by the threat actors.
Below is one of the screenshots:
According to the report, the threat operators said that they have taken 100GB of files from Xerox Corporation. One screenshot contains a warning message telling Xerox Corporation to contact them within 3 days; otherwise, the breached information will be posted on Maze's website. The threat actors appear to have stolen financial documents and databases that may contain important information. Based on the screenshots, the threat actors started encrypting files from Xerox by June 24.
Below are other screenshots:
Once the company pays the ransom, the threat actors will delete all the company's files from their records and provide a decryptor to recover the data.
The screenshots also reveal that the threat actors remained inside Xerox Corporation's systems until June 25, 2020.
Xerox Holdings Corporation is an American corporation that sells print and digital document products and services in more than 160 countries. It currently has 27,000 employees and reported revenue of $10.265 billion in 2017.
The Maze ransomware operators are a well-known cybercriminal group whose attacks are always carefully planned and seamlessly executed. They have been very active lately, recently attacking large organizations such as Banco de Costa Rica, Conduent, and a U.S. military contractor. Their most recent attack was on LG Electronics, a South Korean multinational electronics company headquartered in Yeouido-dong, Seoul, South Korea.
Ransomware attacks must be taken seriously, as a large amount of money is involved most of the time. The University of California San Francisco (UCSF) revealed that it paid $1.14 million to recover data encrypted during a ransomware attack that reportedly involved NetWalker ransomware.
A few steps to follow to mitigate data breaches:
- Patch and update all installed software as soon as updates are available.
- Safeguard your data systems with reputable antivirus and internet security software.
- Encrypt sensitive data using banking-industry-grade encryption.
- Enforce strong credentials by randomizing passwords with different characters and using multifactor authentication (2FA).
- Educate all employees on security best practices.